Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,859 advisories

Loading
Cyclope Employee Surveillance Solution versions 6.x is vulnerable to a SQL injection flaw in its... Critical Unreviewed
CVE-2012-10047 was published Aug 8, 2025
WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2012-10049 was published Aug 8, 2025
CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2012-10050 was published Aug 8, 2025
Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in... Critical Unreviewed
CVE-2012-10036 was published Aug 8, 2025
An unauthenticated remote command execution vulnerability exists in AjaXplorer (now known as... Critical Unreviewed
CVE-2010-10013 was published Aug 8, 2025
WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php... Critical Unreviewed
CVE-2012-10041 was published Aug 8, 2025
A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in... Critical Unreviewed
CVE-2012-10043 was published Aug 8, 2025
MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php... Critical Unreviewed
CVE-2012-10044 was published Aug 8, 2025
The affected product does not limit the number of attempts for inputting the correct PIN for a... Critical Unreviewed
CVE-2025-46414 was published Aug 8, 2025
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8... Critical Unreviewed
CVE-2025-52913 was published Aug 8, 2025
Burk Technology ARC Solo's password change mechanism can be utilized without proper ... Critical Unreviewed
CVE-2025-5095 was published Aug 8, 2025
By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication... Critical Unreviewed
CVE-2025-8284 was published Aug 8, 2025
In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to... Critical Unreviewed
CVE-2025-8356 was published Aug 8, 2025
Privileged OpenBao Operator May Execute Code on the Underlying Host Critical
CVE-2025-54997 was published for github.com/openbao/openbao (Go) Aug 8, 2025
ExecuTorch integer overflow vulnerability Critical
CVE-2025-30405 was published for executorch (pip) Aug 8, 2025
ExecuTorch integer overflow vulnerability Critical
CVE-2025-30404 was published for executorch (pip) Aug 8, 2025
ExecuTorch heap buffer overflow vulnerability Critical
CVE-2025-54949 was published for executorch (pip) Aug 8, 2025
ExecuTorch out-of-bounds access vulnerability Critical
CVE-2025-54950 was published for executorch (pip) Aug 8, 2025
ExecuTorch vulnerable to Heap-based Buffer Overflow Critical
CVE-2025-54951 was published for executorch (pip) Aug 8, 2025
ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective... Critical Unreviewed
CVE-2025-45765 was published Aug 7, 2025
FoxCMS <=v1.2.5 is vulnerable to Code Execution in admin/template_file/editFile.html. Critical Unreviewed
CVE-2025-50692 was published Aug 7, 2025
An issue was discovered in BMC Control-M 9.0.21.300. When Control-M Server has a database... Critical Unreviewed
CVE-2025-48709 was published Aug 7, 2025
Azure OpenAI Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-53767 was published Aug 7, 2025
Azure Portal Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-53792 was published Aug 7, 2025
JWE is missing AES-GCM authentication tag validation in encrypted JWE Critical
CVE-2025-54887 was published for jwe (RubyGems) Aug 7, 2025
Sideni
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database